公开(公告)号：US20190141119A1

公开(公告)日：2019-05-09

申请号：US16234734

申请日：2018-12-28

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned Smith ,  Kshitij Doshi ,  Alexander Bachmutsky ,  Suraj Prabhakaran

IPC: H04L29/08 ,  H04L12/24

Abstract: Technologies for function as a service (FaaS) arbitration include an edge gateway, multiple endpoint devices, and multiple service providers. The edge gateway receives a registration request from a service provider that is indicative of an FaaS function identifier and a transform function. The edge gateway verifies an attestation received from the service provider and registers the service provider. The edge gateway receives a function execution request from an endpoint device that is indicative of the FaaS function identifier. The edge gateway selects the service provider based on the FaaS function identifier, programs an accelerator with the transform function, executes the transform function with the accelerator to transform the function execution request to a provider request, and submits the provider request to the service provider. The service provider may be selected based on an expected service level included in the function execution request. Other embodiments are described and claimed.

公开(公告)号：US20160246998A1

公开(公告)日：2016-08-25

申请号：US15144331

申请日：2016-05-02

Applicant: Intel Corporation

Inventor： Ned Smith ,  Purushottam Goel ,  Victoria Moore

IPC: G06F21/82 ,  G06F21/60

CPC classification number: G06F21/82 ,  G06F21/00 ,  G06F21/35 ,  G06F21/604 ,  G06F2221/2137

Abstract: Systems and methods may provide implementing one or more device locking procedures to block access to a device. In one example, the method may include receiving an indication that a user is no longer present, initiating a timing mechanism to set a period to issue a first device lock instruction to lock a peripheral device, relaying timing information from the timing mechanism to a controller module associated with the peripheral device; and locking the peripheral device upon expiration of the period.

Abstract translation: 系统和方法可以提供实现一个或多个设备锁定过程以阻止对设备的访问。 在一个示例中，该方法可以包括接收用户不再存在的指示，启动定时机制以设置周期以发出第一设备锁定指令以锁定外围设备，将定时信息从定时机制中继到控制器 与外围设备相关的模块; 并且在所述周期期满时锁定所述外围设备。

公开(公告)号：US09223952B2

公开(公告)日：2015-12-29

申请号：US13630100

申请日：2012-09-28

Applicant: Intel Corporation

Inventor： Keith Shippy ,  Tobias Kohlenberg ,  Mubashir Mian ,  Ned Smith ,  Omer Ben-Shalom ,  Tarun Viswanathan ,  Dennis Morgan ,  Timothy Verrall ,  Manish Dave ,  Eran Birk

IPC: G06F17/00 ,  H04L29/06 ,  G06F21/31 ,  H04W12/06 ,  H04W88/02

CPC classification number: H04L63/105 ,  G06F21/316 ,  G06F2221/2105 ,  G06F2221/2113 ,  H04L63/08 ,  H04L2463/082 ,  H04W12/06 ,  H04W88/02

Abstract: Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy. In one example, one or more cryptographic keys are used to place the device in an unlocked state with regard to the selected level of access if the authentication is successful. If the authentication is unsuccessful, on the other hand, the device may be maintained in a locked state with regard to the selected level of access.

Abstract translation: 系统和方法可以提供用于从设备的一个或多个解锁接口接收运行时间输入，并且基于运行时间输入从多个访问级别中选择关于设备的访问级别。 所选择的访问级别可以具有相关联的安全策略，其中可以基于相关联的安全策略来执行运行时输入的认证。 在一个示例中，如果认证成功，则使用一个或多个加密密钥来将设备关于所选择的访问级别放置在解锁状态。 如果认证不成功，另一方面，相对于所选择的访问级别，设备可以保持在锁定状态。

公开(公告)号：US12271327B2

公开(公告)日：2025-04-08

申请号：US18035705

申请日：2020-12-24

Applicant: Intel Corporation

Inventor： Kaijie Guo ,  Xin Zeng ,  Ned Smith ,  Weigang Li ,  Junyuan Wang ,  Songwu Shen ,  Zijuan Fan ,  Yao Huo ,  Maksim Lukoshkov ,  Laurent Coquerel

IPC: G06F13/28

Abstract: Techniques and mechanisms for determining an operation to be performed with a direct memory access (DMA) request. An inspection unit (105) is coupled between an input-output memory management unit (IOMMU) (120) and an endpoint device (118). The inspection unit (105) stores a registry (330) comprising entries (332) which each correspond to a respective address, and a respective one or more resources of the endpoint device (118). A given entry (332) of the registry (330) is created based on a message from the IOM MU (120) which indicates the successful completion of an address translation to facilitate a DMA request. The endpoint device (118) performs a search, based on a DMA request, to determine if any registry (330) entry (332) indicates a combination of an address and an endpoint resource, where said combination matches a corresponding combination indicated by the DMA request. Communication of the DMA request to the IOMMU (120) is contingent on a result of the search.

公开(公告)号：US11880714B2

公开(公告)日：2024-01-23

申请号：US17521592

申请日：2021-11-08

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Karthik Kumar ,  Ned Smith ,  Thomas Willhalm ,  Timothy Verrall

IPC: G06F9/50 ,  G06F9/48 ,  G06F9/54 ,  G06F1/26 ,  G06F9/455 ,  G06F1/3293

CPC classification number: G06F9/5027 ,  G06F1/26 ,  G06F1/3293 ,  G06F9/45558 ,  G06F9/48 ,  G06F9/485 ,  G06F9/4806 ,  G06F9/4843 ,  G06F9/4856 ,  G06F9/4881 ,  G06F9/4893 ,  G06F9/50 ,  G06F9/5005 ,  G06F9/505 ,  G06F9/5044 ,  G06F9/5055 ,  G06F9/5061 ,  G06F9/5072 ,  G06F9/5094 ,  G06F9/54 ,  G06F9/547 ,  G06F2009/45595

Abstract: Technologies for providing dynamic selection of edge and local accelerator resources includes a device having circuitry to identify a function of an application to be accelerated, determine one or more properties of an accelerator resource available at the edge of a network where the device is located, and determine one or more properties of an accelerator resource available in the device. Additionally, the circuitry is to determine a set of acceleration selection factors associated with the function, wherein the acceleration factors are indicative of one or more objectives to be satisfied in the acceleration of the function. Further, the circuitry is to select, as a function of the one or more properties of the accelerator resource available at the edge, the one or more properties of the accelerator resource available in the device, and the acceleration selection factors, one or more of the accelerator resources to accelerate the function.

公开(公告)号：US20230409197A1

公开(公告)日：2023-12-21

申请号：US18239363

申请日：2023-08-29

Applicant: Intel Corporation

Inventor： Kaijie Guo ,  Ashok Raj ,  Ned Smith ,  Weigang Li ,  Junyuan Wang ,  Xin Zeng ,  Brian Will ,  Zijuan Fan ,  Michael E. Kounavis ,  Qianjun Xie ,  Yuan Wang ,  Yao Huo

IPC: G06F3/06

CPC classification number: G06F3/061 ,  G06F3/0655 ,  G06F3/0673

Abstract: An embodiment of an integrated circuit may comprise memory to store respective resource control descriptors in correspondence with respective identifiers, and an input/output (JO) memory management unit (IOMMU) communicatively coupled to the memory, the IOMMU including circuitry to determine resource control information for an IO transaction based on a resource control descriptor stored in the memory that corresponds to an identifier associated with the IO transaction, and control utilization of one or more resources of the IOMMU based on the determined resource control information. Other embodiments are disclosed and claimed.

公开(公告)号：US11799911B2

公开(公告)日：2023-10-24

申请号：US17187145

申请日：2021-02-26

Applicant: Intel Corporation

Inventor： Ned Smith

IPC: H04L9/40 ,  G06F16/27 ,  H04L67/12 ,  H04L9/32 ,  H04L67/04 ,  H04L67/10 ,  H04L9/08 ,  H04L67/01 ,  H04L67/00 ,  H04L67/60 ,  H04L67/50 ,  H04L67/562 ,  H04L9/00

CPC classification number: H04L63/20 ,  G06F16/27 ,  H04L9/0897 ,  H04L9/3239 ,  H04L63/06 ,  H04L63/061 ,  H04L63/10 ,  H04L63/101 ,  H04L63/102 ,  H04L67/00 ,  H04L67/01 ,  H04L67/04 ,  H04L67/12 ,  H04L67/535 ,  H04L67/562 ,  H04L67/60 ,  H04L9/50

Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to facilitate information exchange using publish-subscribe with blockchain. An example apparatus includes a security manager to integrate a security service with an instruction execution flow in a distributed device environment. The security manager is to include a processor. The processor is to be configured to implement at least an executable hierarchical state machine to provide credential management and access management in conjunction with instruction execution according to an execution plan. The executable hierarchical state machine is to generate a security context for the execution plan to implement a guard condition governing a transition from a first state to a second state in accordance with the execution plan.

公开(公告)号：US11687375B2

公开(公告)日：2023-06-27

申请号：US17724764

申请日：2022-04-20

Applicant: Intel Corporation

Inventor： Ned Smith ,  Changzheng Wei ,  Songwu Shen ,  Ziye Yang ,  Junyuan Wang ,  Weigang Li ,  Wenqian Yu

IPC: G06F9/50 ,  G06F21/76 ,  G06F21/60

CPC classification number: G06F9/5044 ,  G06F9/505 ,  G06F21/76 ,  G06F21/602 ,  G06F2209/509 ,  Y02D10/00

Abstract: Technologies for hybrid field-programmable gate array (FPGA) application-specific integrated circuit (ASIC) code acceleration are described. In one example, the computing device includes a FPGA comprising: algorithm circuitry to: perform one or more algorithm tasks of an algorithm, wherein the algorithm to perform a service request that is offloaded to the FPGA; and determine a primitive task associated with an algorithm task of the one or more algorithm tasks; primitive offload circuitry to encapsulate the primitive task in a buffer of the FPGA, wherein the buffer is accessible by an ASIC of the computing device; and result circuitry to return one or more results of the service request responsive to performance of the primitive task by the ASIC.

公开(公告)号：US11509679B2

公开(公告)日：2022-11-22

申请号：US16945221

申请日：2020-07-31

Applicant: Intel Corporation

Inventor： Ned Smith ,  Rajesh Poornachandran

IPC: H04L9/00 ,  H04L9/40 ,  H04L9/06 ,  G06F9/46 ,  G06F21/62 ,  H04L9/32 ,  G06F21/64

Abstract: Example methods, apparatus, systems and articles of manufacture (e.g., non-transitory physical storage media) to provide trust topology selection for distributed transaction processing in computing environments are disclosed herein. Example distributed transaction processing nodes disclosed herein include a distributed transaction application to process a transaction in a computing environment based on at least one of a centralized trust topology or a diffuse trust topology. Disclosed example distributed transaction processing nodes also include a trusted execution environment to protect first data associated with a centralized trust topology and to protect second data associated with a diffuse trust topology. Disclosed example distributed transaction processing nodes further include a trust topology selector to selectively configure the distributed transaction application to use the at least one of the centralized trust topology or the diffuse trust topology to process the transaction.

公开(公告)号：US20220357989A1

公开(公告)日：2022-11-10

申请号：US17552833

申请日：2021-12-16

Applicant: Intel Corporation

Inventor： Francesc Guim Bernat ,  Ned Smith ,  Kshitij Doshi ,  Raghu Kondapalli ,  Alexander Bachmutsky

IPC: G06F9/50 ,  H04L9/08 ,  H04L9/40

Abstract: Technologies for providing a multi-tenant local breakout switching and dynamic load balancing include a network device to receive network traffic that includes a packet associated with a tenant. Upon a determination that the packet is encrypted, a secret key associated with the tenant is retrieved. The network device decrypts a payload from the packet using the secret key. The payload is indicative of one or more characteristics associated with network traffic. The network device evaluates the characteristics and determines whether the network traffic is associated with a workload requesting compute from a service hosted by a network platform. If so, the network device forwards the network traffic to the service.